Developing Enterprise ApplicationsA Technical Perspective

V. “Juggy” JagannathanWest Virginia University

Introduction

Provide an overview of the technologies that are relevant to the development and deployment of enterprise solutions

Goals of today’s presentation:

Allow participants to evaluate where the technology is headed

Technology solutions

What is an Enterprise Application (EA) ?

• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Sample systems

What is an EA?• An Enterprise Application (EA) allows large

number of clients to use complex application software using Internet Protocols.

– EAs provide infrastructure to host the application

– As enterprise applications, EAs must satisfy a wide range of stringent requirements

Definition

.

Technology solutions

What is an EA?

• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Sample systems

EA Requirements

• Flexibility• Security• Reliability• Availability• Scalability• Evolvability• Performance

• Supportability

• Maintainability

• Interoperability

• Platform Independence

• Location Independence

• Open Standards and Systems

• Architecture Choices

Technology solutions

EA Requirements

• Solutions that satisfy the customer’s workflow needs

• For healthcare documentation:– Dictation workflow– Transcription workflow– Signature workflow– Routing workflow– Coding workflow

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

Technology solutions

It’s the process, stupid! Not technology.—Mike Waldrum, UAB

What are EA flexibility requirements?

EA Requirements

Focus computation where it can be most effective to meet the needs of the workflow

Technology solutions

Off-Premise Computation

Internet

On-Premise Computation

Flexibility:Edge Computing

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements• Compliance with HIPAA regulations

– Privacy protection• Data encryption• Stringent access control• Audit trails• Physical security of premises• Virus and intrusion protection

Technology solutions

Encryption...is a powerful defensive weapon for free people. It offers a technical guarantee of privacy, regardless of who is running the government... It's hard to think of a more powerful, less dangerous tool for liberty. —Esther Dyson

What are EA security requirements?

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements• No work is ever lost• No document is ever lost or corrupted• Proven backup and recovery strategies

are in place• Physical infrastructure (data center)

has ample protection, including fire protection

Technology solutions

There are only two kinds of computer users: those who have lost data in a crash, and those who will lose data in a crash. —Bob LeVitus

What are EA reliability requirements?

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements• What guarantees are provided?

• How much down time are you willing to tolerate? How can you find out?

• Is there a backup in case a server goes down?

• Is there a backup in case of a power outage?

• Is there a backup in case of a network outage?

• Is there a backup data center?

• Is there a disaster recovery plan?

Technology solutions

Issues regarding availability:

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA RequirementsCalculating total availability

Technology solutions

Amount of downtime Formula

Uptime percentage

5 minutes/year (8760 - 5/60)/8760 99.999 % [five 9s]

1 hour/year 8759/8760 99.99 %

52 hours/year

(1 hr/week)

8708/8760 99.4%

# of hours per year = 365 x 24 = 8,760

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements• What happens when you add more

users? More volume? How easy is it to upgrade infrastructure?

• Does the company have the financial resources to improve the infrastructure?

Sooner or later, you will need scalability, which means the ability to add hardware.

Issues regarding scalability:

Just as we could have rode into the sunset, along came the Internet, and it tripled the significance of the PC. —Andy Grove

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements

• How easy is it to upgrade? Can you upgrade one user without upgrading others?

• What are the technological underpinnings?• Are there automatic upgrades?

Solutions must be engineered to continuously evolve and leverage the latest in Internet technologies.

Issues regarding evolvability:

Whoever desires constant success must change his conduct with the times.

—Machiavelli

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements

• What benchmarks are available?• Time required to submit reports?• Retrieve reports?• Retrieve and sign?• How is the performance under a heavy

load? No load?• What is the degradation? Is it

acceptable to the user community?• Can you work off-line?

Issues regarding performance:

Technology is so much fun—but we can drown in our technology. The fog of information can drive out knowledge. —Daniel J. Boorstin

•Flexibility

•Security

•Reliability

•Availability

•Scalability

•Evolvability

•Performance

EA Requirements

• Can the user manage his/her own support needs? Is support Web-based?

• What infrastructure support is available?• Is support 24/7, 365 days? How prompt is

response?• Will slow response cause down time?

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

Issues regarding supportability

Computers shouldn't be unusable. You don't need to know how to work a telephone switch to make a phone call, or how to use the Hoover Dam to take a shower, or how to work a nuclear-power plant to turn on the lights.

—Scott McNealy

EA Requirements• Who maintains the software?• How is maintenance and software

evolution managed?• What technology basis facilitates

maintenance?

Advanced components and object-oriented technologies facilitate software maintenance and evolution

Issues regarding maintainability

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements

• How easy is it to interface to the system?• Does it provide open APIs?• Does it support XML-based data

exchange? Document interchange?• Does it support interoperable standards?

Issues regarding interoperability

Correct me if I'm wrong - the gizmo is connected to the flingflang connected to the watzis, watzis connected to the doo-dad connected to the ding dong. —Patrick B. Oliphant

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements• What platform is used? Windows

or Unix?• Does it support both, leveraging

the strengths of both platforms?

Issues regarding the platform:

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements

• Can users work from home?• Over low speed modem lines?• Work in LAN, WAN environments

over secure lines?• Can they work on the go using their

PDAs?

Issues regarding user location:

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements• What standards are supported?

– Internet standards: HTTP, XML, Web services, etc.

– Object standards: CORBA, DCOM

– Security standards: PKI, SSL

Issues regarding standards

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements• Platform choices: Microsoft, OMG,

Java, Web services• Off-premise, on-premise, edge

computing trade-offs• Thin vs. thick clients: trade-offs in

functionality, performance and supportability

Issues regarding architecture

The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency.

—Bill Gates

•Supportability

•Maintainability

•Interoperability

•Platform Independence

•Location Independence

•Open Standards and Systems

•Architecture Choices

EA Requirements

• Implementation alternatives:– Off-premise—hosted solution—typically

viewed as the EA model– Edge computing model: a hybrid model

combining EA and an on-premise solution– On-premise solution

The choice of a solution depends on the organization’s goals and objectives.

.Platform Choices

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

Platform Choices• Platform standards

– Object Management Group (OMG) CORBA infrastructure and approach

– Web Services—the new kid on the block

• Other popular platforms

– Sun J2EE Platform

– Windows .NET

• Additional platforms

– Oracle

– IBM

– Iona

What are the options?

.OMG Approach

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

.

Technology solutions

Web Services

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

.

Technology solutions

Java

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

Platform Choices: Java

Java and J2EE PlatformOverview

Platform Choices: Java J2EE Architecture

J2EEApplication

Server

JAF

JavaM

ail

JMS

JDB

C

JTA

JND

I

RM

I/IIOP

Servlets JSPsTag

Library

Web Container

JAF

JavaM

ail

JMS

JDB

C

JTA

JND

I

RM

I/IIOP

EJB Container

SessionBeans

EntityBeans

RDBMS Mail Server

Java App.

CORBA Server

DirectoryService

Message Queue

XHTMLXML

Applet

ClientApp.

HTTP(S)

Reproduced with Permission from Java Server Programming J2EE Edition – Wrox Press, Ltd, 2000

Platform Choices: JavaJ2EE Platform components:

Java : J2EE Platform

• JAXP 1.0 – Java API for XML Processing

• JDBC 3.0 – Java Data Base Connectivity

• RMI over IIOP• EJB 2.1 – Enterprise

Java Beans• Java Servlets 2.4• Java Server Pages

2.0

• Java Message Service 1.0• Java Naming and

Directory Interface (JNDI) 1.2

• Java Transaction API 1.0• JavaMail 1.1 J2EE

Connector Architecture 1.0• Java Authentication and

Authorization Service 1.0

Platform Choices: Java

J2EE Platform

Java : J2EE Platform

• Strong and proven platform

• Evolving constantly

• Already supports various APIs to develop and deploy web services

..NET

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

Platform Choices: .NET

.NET PlatformClient App. Users

Web Services

WebForms

.NET Framework

HT

TP

SO

AP

UD

DI

OD

BC

DC

OM

.NE

T

Web serversWeb serversWeb serversWeb serversWeb servers.NET servers

Platform Choices: .NET.NET Components

.NET Platform

• .NET framework

– Common Language Runtime (CLR) library

– ActiveX Data Objects - (ADO.NET)

– Active Server Pages – (EA.NET) and supports Web Services (UDDI, WSDL & SOAP)

– .NET Compact framework for PDAs

– .NET Remoting (RPC support)• Visual Studio .NET

– VB, C++, C#, Jscript… all compile to MSIL (Microsoft Intermediate Language) and utilize CLR

Platform Choices: .NET.NET Framework

.NET Platform

• Microsoft’s big push to open standards and support for XML-based solutions

• Fully supports Web Services approach• Microsoft is an active participant in W3C efforts

and is a strong proponent of standardization of Web Services and related technologies.

.

Technology solutions

Topic Outline

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

Security TechnologiesSecurity Concerns

• Authentication• Authorization and access control• Data Integrity• Data Confidentiality• Signing and non-repudiation• Audit trails• Virus protection and intrusion detection

Security

Security TechnologiesTechnology options:

• Hashing/digest creations – SHA, MD5• Encryption – Symmetric - DES• Encryption – Asymmetric - PKI• Digital Signatures• Trust and Public Key Certificates• Secure Sockets Layer (SSL)• Smartcards, Biometrics (Thumbprints, retinal

prints, voice prints)

Security

Security Technologies

Technology solutions

XML and Security

Security

• XML Signature• XML Encryption• Security Assertion Markup Language (SAML)• XKMS – XML Key Management Specifications• X-KISS – XML – Key Information Service

Specification• X-KRSS - XML Key Registration Service

Specification

.

Technology solutions

Topic Outline

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances• Healthcare standards• Sample systems

Communication Technologies

Technology solutions

• Ethernet• Wireless

– Phone• GSM• CDMA/TDMA

– Network • Bluetooth• 802.11b• Zigbee

• Broadband– DSL– Cable

Communication

Communication Technologies

• High bandwidth Internet connection• Always on—no need to explicitly establish

connection• Supports audio and video in addition to

data connectivity• Typically, downstream bandwidth is a lot

higher than upstream bandwidth

Broadband technology

Communication

Communication Technologies

Communication

• Options:– DSL– Cable Modem

• Check out how much bandwidth you have from your broadband provider!

http://www.toast.net/performance/

http://www.dslreports.com/stest

Bandwidth

.Storage Advances

• What is an EA?• EA Requirements• Platform Choices

– OMG approach– Web Services– Java– .NET

• Security technologies• Communication

technologies• Storage advances

Storage Advances

Technology solutions

Storage

• A microcosm of EA requirements• Storage technologies have to address these

issues:– Availability– Reliability– Scalability– Performance– Security

Storage Requirements

Storage Advances

Storage

• RAID technology – primarily to address reliability and performance issues

• Storage Area Networks (SAN) and Network Attached Storage (NAS) – primarily to address scalability and availability issues

– SAN – to increase the storage capacity of a server (say, a database server)

– NAS – to increase the storage capacity of file servers on the network

Storage Technologies

Storage Advances

• Redundant Array of Inexpensive/Independent Disks

• Can be implemented in software or hardware

What is RAID?

Storage

Storage Advances

Technology solutions

• RAID0 striping Simple striping of data across all the disks in an array. Improves load balancing and performance. Does not provide redundancy.

Total capacity = Individual Disk capacity * number of disks in array

• RAID1 mirroring Mirroring of data in multiple disks. Provides redundancy.

Total capacity = Individual Disk capacity * (number of disks in array/2)

• RAID0+1 RAID0 and 1 strategies are combined to provide high performance and reliability.

RAID Configurations

Storage

Storage Advances

• RAID 5 Use of Error Correction Codes to increase capacity in RAID arrays.

Total capacity = Individual Disk capacity * (n-1) where n is number of disks in array

Higher disk capacity. Good for small reads, bad for writes.

Can recover from any one disk failure.• RAID 6 same as RAID 5, but can tolerate two

disk failures.

RAID Configurations

Storage

Storage AdvancesStorage Area Networks

(SAN)

Storage

Hubs

Switches

Bridges

RAID

RAID

RAID

Storage Advances

• Rapidly evolving field• Major players for enterprise storage

include EMC and Network Appliance, Inc.• Microsoft is a recent entry to the

marketplace with its Windows Storage Server 2003

Storage Technology Highlights

Storage

Technology solutions

• MD5 - Message Digest 5• SHA - Secure Hashing

Algorithm• NTLM Authentication protocol• DES - Data Encryption

Standard• HTTP-EF - HTTP Extension

Framework• XKMS - XML Key Management

Services• X-KISS - XML - Key Information

Service Specification

Application Service Provider Model

Glossary

• SAML - Security Access Markup Language

• WSDL - Web Services Description Language

• IDL - Interface Definition Language

• UML - Unified Modelling Language

• SOAP - Simple Object Access Protocol

• UDDI - Universal Description, Discovery and Integration

Conclusion

Technology solutions

Questions?